function setLanguage(){ #选择语言
/* language setup */
if(array_key_exists("lang",$_REQUEST))
if(safeinclude("language/" . $_REQUEST["lang"] ))#检查输入
return 1;
safeinclude("language/en");
}
function safeinclude($filename){ #检查输入参数
if(strstr($filename,"../")){ #禁止目录遍历
logRequest("Directory traversal attempt! fixing request.");
$filename=str_replace("../","",$filename);
}
// dont let ppl steal our passwords
if(strstr($filename,"natas_webpass")){ #文件访问控制
logRequest("Illegal file access detected! Aborting!");
exit(-1);
}
// add more checks...
if (file_exists($filename)) { #检测目录是否存在
include($filename);
return 1;
}
return 0;
function logRequest($message){ #请求日志
$log="[". date("d.m.Y H::i:s",time()) ."]"; #时间日期
$log=$log . " " . $_SERVER['HTTP_USER_AGENT'];#加http_user_agent
$log=$log . " \"" . $message ."\"\n"; #加上message
$fd=fopen("/var/www/natas/natas25/logs/natas25_" . session_id() .".log","a"); #将日志信息写入文件
fwrite($fd,$log);
fclose($fd);
}
原文链接:https://www.cnblogs.com/ichunqiu/p/9554885.html
原创文章,作者:优速盾-小U,如若转载,请注明出处:https://www.cdnb.net/bbs/archives/17529
